WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

RE: [Xen-users] Openswan and xen problems

That sounds like something that could keep me spinning my wheels for
hours if you hadn't told me! Thanks.  However, we are very hesitant to
use unstable on a production device.  Is there a way to solve the
problem in the 2.0.7 stable release? - John

On Sat, 2005-09-03 at 11:15 +0100, Ian Pratt wrote:
> If you're using -unstable, look for an earlier thread about using
> ethtool to disable checksum offload on the virtual interfaces. We do
> need to fix the underlying problem at some point, though.
> 
> Ian
> 
> > I'm trying to build a RoadWarrior VPN Gateway using openswan 
> > 2.4.0rc3 on a xen 2.0.7 domU.  I'm having a bit of trouble 
> > and before I beat my head against the wall for hours, I was 
> > wondering if anyone else has done this and can give me some pointers.
> > 
> > I am not using L2TP so I should not have the driver problem.  
> > When I disable ipsec on both the xen station and the 
> > CyberGuard SG580 were using for testing as the office gateway 
> > (as opposed to the RAS gateway), they can ping each other 
> > fine.  When I enable ipsec, it's as if the xen station does 
> > not want to listen to the SG.  The SG sends MI1 and there is 
> > no response.  The xen device sends MI1, the SG send MR1 and 
> > xen ignores it.
> > 
> > The same configuration with a non-xen gateway works fine.  
> > Please don't spend lots of time on this as I should put more 
> > time in myself before really crying for help but, if someone 
> > has done this or knows what the problem is, please let me 
> > know.  Thanks - John
> > --
> > John A. Sullivan III
> > Open Source Development Corporation
> > +1 207-985-7880
> > jsullivan@xxxxxxxxxxxxxxxxxxx
> > 
> > If you would like to participate in the development of an 
> > open source enterprise class network security management 
> > system, please visit http://iscs.sourceforge.net
> > 
> > 
> > _______________________________________________
> > Xen-users mailing list
> > Xen-users@xxxxxxxxxxxxxxxxxxx
> > http://lists.xensource.com/xen-users
> > 
-- 
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan@xxxxxxxxxxxxxxxxxxx

Financially sustainable open source development
http://www.opensourcedevel.com


_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>